Overview

overview

10

Static

static

3

2bc78e0d14...2d.exe

windows7-x64

10

2bc78e0d14...2d.exe

windows10-2004-x64

10

4922d2660f...c5.exe

windows7-x64

10

4922d2660f...c5.exe

windows10-2004-x64

1

4e14f58935...61.exe

windows7-x64

10

4e14f58935...61.exe

windows10-2004-x64

1

64b9d76ec0...52.exe

windows7-x64

10

64b9d76ec0...52.exe

windows10-2004-x64

3

79f68c9a2d...ee.exe

windows7-x64

7

79f68c9a2d...ee.exe

windows10-2004-x64

7

c984a9446b...d3.exe

windows7-x64

10

c984a9446b...d3.exe

windows10-2004-x64

3

d69dc8e0a1...67.exe

windows7-x64

10

d69dc8e0a1...67.exe

windows10-2004-x64

10

dff2cf2793...3f.exe

windows7-x64

10

dff2cf2793...3f.exe

windows10-2004-x64

1

e542080348...18.exe

windows7-x64

10

e542080348...18.exe

windows10-2004-x64

10

f96c9a2487...e6.exe

windows7-x64

10

f96c9a2487...e6.exe

windows10-2004-x64

3

fe2da521d1...ff.exe

windows7-x64

10

fe2da521d1...ff.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    168s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-06-2023 15:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fe2da521d1ffb45f669a038f6c729378978c3c144e4008bdcd70cf4edc2c1bff.exe

  • Size

    1.4MB

  • MD5

    c641c7d9ca216af957bc8c752583e27d

  • SHA1

    30b0af43a995d8209e2eee2942b87f27e2175270

  • SHA256

    fe2da521d1ffb45f669a038f6c729378978c3c144e4008bdcd70cf4edc2c1bff

  • SHA512

    5b6bb756e16440ec4a0635d245017b1e871e36074cb8719dbe49b2ef75bdaaa418525223ebba69b8d206ca2b60c4780b57d57ad01ff12b4cd48f69ac8ae6887a

  • SSDEEP

    12288:XuW70T6Q6VyNflqsrlEqOk/ZqOsIiXhn1IE9OnKxA2nS2IingF3u2:XuW78rcyNSOs/139p8bFj

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fe2da521d1ffb45f669a038f6c729378978c3c144e4008bdcd70cf4edc2c1bff.exe
    "C:\Users\Admin\AppData\Local\Temp\fe2da521d1ffb45f669a038f6c729378978c3c144e4008bdcd70cf4edc2c1bff.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2032-133-0x0000015FD4540000-0x0000015FD4556000-memory.dmp
    Filesize

    88KB

    Download
  • memory/2032-134-0x0000015FEE990000-0x0000015FEE9A0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2032-135-0x0000015FEE990000-0x0000015FEE9A0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2032-136-0x0000015FEE990000-0x0000015FEE9A0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2032-139-0x0000015FEE990000-0x0000015FEE9A0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2032-140-0x0000015FEE990000-0x0000015FEE9A0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2032-141-0x0000015FEE990000-0x0000015FEE9A0000-memory.dmp
    Filesize

    64KB

    Download